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(54) Encryption system with transaction coded decryption key 



(57) The encryption secured computer system (10) 
includes a server (12) that communicates with clients 
(14-20) across a public network (21) using a novel 
transaction coded decryption key technology that dis- 
courages wrongful redistribution of protected informa- 
tion such as digital musical scores, and allows for 
tracking of infringing activity. In one implementation, the 
server (12) distributes access software and partially 
encrypted musical scores to clients upon request. A cli- 
ent can sample the partially encrypted scores prior to 



consummating a transaction. When a score is selected, 
the client enters payment information and is assigned a 
password that is specific to the client and transaction. 
The password functions as a decryption key to enable 
use of the musical score by the client employing the 
access software. Any subsequent wrongful redistribu- 
tion of the musical score together with the decryption 
password can be traced due to client identifying infor- 
mation encoded into the password. 
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Description 

Field of the Invention 

The present invention relates generally to monitor- 
ing the distribution of information that is accessible 
through a public network and, in particular, to a method 
and system for using key-based encryption to inhibit 
and track unauthorized distribution by a key holder. The 
invention has particular application with regard to the 
commercial distribution of copyrighted works or other 
proprietary subject matter over a public network. 

Background of the Invention 

The advent of widely available public computer net- 
works, and particularly public networks capable of sup- 
porting multimedia functions such as the Internet, 
presents a great opportunity for consumers and content 
providers such as music publishers. Such networks 
afford content providers increased access to an ever 
growing market. Consumers benefit from improved 
access to information and greater convenience. Moreo- 
ver, in some cases, the digital nature of the information 
received over a network is preferable to more conven- 
tional modes such as printed media. For example, dig- 
ital sheet music can be printed to replicate its printed 
media counterpart. Additionally, the digital sheet music 
can be directly processed by audio and video playback 
programs, as well as by a variety of digital musical 
instruments and equipment such as Musical Instrument 
Digital Interface (MIDI) devices. 

Despite this potential, content providers have been 
reluctant to embrace this market in many cases. One 
reason for this reluctance has been a perceived threat 
that access to proprietary subject matter such as copy- 
righted music over a public network will erode owner- 
ship interests in and revenues from such subject matter. 
The concern is that unscrupulous persons will wrong- 
fully access such subject matter or that authorized 
users, having rightfully accessed the subject matter, will 
thereafter distribute the subject matter in contravention 
of the content providers' rights. Although such possibili- 
ties exist in connection with other modes of distribution, 
public network distribution is thought by some to 
present peculiar dangers due to the ease with which 
widespread distribution can be accomplished, e.g., via 
bulletin boards and the like. 

Indeed, conventional computer security systems 
developed to control access to restricted access data 
are not well-suited to address these concerns of content 
providers. For example, access password systems are 
somewhat effective in limiting access to designated 
information, but do not afford protection once the infor- 
mation is transmitted from the server system to a public 
network. Encryption systems have been devised to pre- 
vent use of information that is wrongfully intercepted as 
a result of transmission over a network. In this regard, in 



key-based encryption systems, authorized clients are 
provided with a decryption key. The protected informa- 
tion is then transmitted in encrypted form to prevent use 
by any intercepting party. The authorized client receives 
5 the encrypted information and uses the decryption key 
to decrypt the information. Unfortunately, such encryp- 
tion systems generally do not provide adequate safe- 
guards to discourage the authorized clients from 
subsequently redistributing the protected information. 

10 

Summary of the Invention 

The present invention is directed to a method and 
system for controlling access to protected information 

15 from a server, as well as discouraging and tracking sub- 
sequent redistribution of such information after it has 
been transmitted from the server. The invention facili- 
tates commercial distribution of proprietary subject mat- 
ter through public or open networks by providing 

20 improved protection of proprietary rights and increasing 
the likelihood that infringing activity will be corrected. 
Moreover, the invention provides increased marketing 
flexibility by allowing for limited, multiple-use authoriza- 
tion and pre-purchase sampling of copyrighted works or 

25 other confidential subject matter. The invention also 
provides a novel, encryption on-demand capability 
which, it is believed, has not been feasible in connection 
with physical storage media such as CD-ROM and mag- 
netic storage media. 

30 According to one aspect of the present invention, a 
method and corresponding system is provided for mon- 
itoring distribution of information accessible over a pub- 
lic network on a client-specific basis. The method 
includes the steps of: establishing a database of infor- 
ms mation at a server; encrypting at least a portion of the 
information using a key-based encryption system; in 
connection with a request by a client, assigning a client- 
specific key to the client; and transmitting the key to the 
client. The client-specific key includes some indicia that 

40 can be used to identify the client, thereby allowing for 
monitoring of information use on a client-specific basis. 

The database can include various types of informa- 
tion, for example, digital sheet music, literary or artistic 
works, software programs, or other subject matter trans- 

45 mittable in digital form. Any identifying information can 
be coded into the key for client identification. Examples 
include: personal or financial data provided by the cli- 
ent; address information for the clients' computer or web 
site; account numbers or serial numbers; other informa- 

50 tion for identifying the computer used by the client; and 
abbreviated or encoded versions of any of the above. 
Conveniently, such information can be stored in a sepa- 
rate client database and indexed to the key. Preferably, 
the decryption system requires entry of the key each 

55 time the protected information is used (La, the system 
does not store the information in decrypted form) and 
appends the client identifying information to any redis- 
tributed digital or hard copies of the information. In this 
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manner, the client is discouraged from redistributing the 
protected information because the key is required to 
use the information in its original digital form, and distri- 
bution of the key or an identified hard copy may involve 
disclosure of sensitive information or otherwise create a 
traceable record of the client's infringing activity. 

According to another aspect of the present inven- 
tion, a method and corresponding system is provided 
for enabling transaction-specific access authorization 
with respect to protected information. The method 
involves the use of a key-based encryption system, 
such as generally discussed above, where decryption 
keys are assigned on a transaction-by-transaction 
basis. That is, decryption keys are assigned on demand 
in connection with a transaction involving communica- 
tion of the protected information from the server to a cli- 
ent. For example, the transaction may involve the 
purchase of a copy of sheet music, a digital musical 
score or other protected information, or it may involve 
paying a license fee to use such information a desig- 
nated number of times, for a designated duration, or 
during a designated license term. The key can include 
information sufficient to identify the subject information 
and/or the client. The invention thereby allows for trans- 
action-specific authorization and increased market- 
ing/distribution possibilities. 

According to a further aspect of the present inven- 
tion, partially encrypted information is transmitted prior 
to providing a decryption key so as to allow for sampling 
of the information before a transaction is consummated. 
In particular, the associated method involves establish- 
ing a database of information at a network server, 
encrypting a portion of the information and receiving an 
access request. Upon receiving an access request, a 
selected portion of the information is transmitted in par- 
tially encrypted form and, thereafter, a decryption key is 
transmitted to the client. By way of example, the partially 
encrypted information can be sheet music where only 
the first page of a score is unencrypted for viewing. The 
client can thereby browse through a selection of scores 
prior to making a purchasing decision, authorizing pay- 
ment and, in response, receiving a decryption key. 

According to a still further aspect of the present 
invention, a method and corresponding system is pro- 
vided for enabling post-transmission monitoring of infor- 
mation use by a client. The method includes the steps 
of: receiving encrypted information and storing the infor- 
mation in memory in its encrypted form; receiving a 
decryption key and storing the key in memory separate 
from the encrypted information, for example, in a cache; 
identifying a request by a client to access the informa- 
tion; in response to the request, retrieving the encrypted 
information and key from memory and, thereafter, 
decrypting the information; and outputting the informa- 
tion for use by the client. The method can be imple- 
mented, for example, by playback/display software 
running on a client computer. The software can be pro- 
grammed for limiting access to the protected informa- 



tion according to transaction parameters e.g.. limiting 
access to the scope of a license purchased by the cli- 
ent. The access request can be an "open file," "display," 
or "print" message or the like. 

s In a preferred implementation, the protected infor- 
mation is never saved in its decrypted form but, rather, 
is only decrypted on a just-in-time basis when the corre- 
sponding f ile(s) is opened for use. Accordingly, redistri- 
bution of the information in its decrypted form is 

10 discouraged or practically prevented. Moreover, in order 
to permit third-party use of the information, redistribu- 
tion of the information in its encrypted form will also 
require distribution of the decryption key, which may be 
an unattractive option for the client. 

15 The present invention thus allows for monitoring 
access to protected information on a server and subse- 
quent use or redistribution by a client. Additionally, the 
invention allows for tracking of any unauthorized redis- 
tribution and thus facilitates enforcement of server 

20 rights. The invention also provides for increased mar- 
keting/distribution options and novel on-demand 
decryption key coding. By virtue of these and other 
advantages, the invention promotes distribution of pro- 
prietary subject matter over public networks to the 

25 mutual benefit of consumers and content providers. 

Brief Description of the Drawings 

For a more complete understanding of the present 
30 invention and further advantages thereof, reference is 
now made to the following detailed description, taken in 
conjunction with the drawings, in which: 

Fig. 1 is a schematic diagram of a computer system 
35 in accordance with the present invention; 

Fig. 2 is a chart providing a functional overview of 
the distribution monitoring system of the present 
invention; 

Fig. 3 is a diagram of the Music Viewer download 
40 function of the system of Fig. 2; 

Fig. 4 is a diagram of the music download function 
of the system of Fig. 2; 

Fig. 5 is a diagram of the on-line music purchase 
function of the system of Fig. 2; 
45 Fig. 6 is a flow chart of the music printing function of 
the system of Fig. 2; 

Fig. 7 is a flow chart of the music viewing function of 
the system of Fig. 2; 

Fig. 8 is a schematic diagram of the encryp- 
so tion/decryption components of the system of Fig. 2 ; 
and 

Fig. 9 is a flow chart of the encryption/decryption 
function of the system of Fig. 2. 

55 Detailed Description of the Invention 

The distribution monitoring system of the present 
invention is useful in a variety of applications where it is 
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desired to monitor the distribution of proprietary subject 
matter over a public network. In the following descrip- 
tion, the invention is set forth in the context of monitoring 
distribution of digital musical scores over a network. It 
will be appreciated that this particular application is set 
forth for the purpose of illustrating the invention, and 
various aspects of the invention have broader applica- 
tion as defined by the claims below. 

Fig. 1 illustrates an encryption secured computer 
system 10 according to the present invention. The com- 
puter system 10 includes a server 12 that can commu- 
nicate with clients 14-20 across a public network 21 
such as the Internet. In the case of the Internet, the 
server 12 can be accessed via the Netscape 2.01 or 
Microsoft Internet Explorer 3.0, or higher browsers. The 
server 12 generally includes a processor 22 and a 
library or database of digital musical scores stored in a 
memory 24 as files 26-32. As discussed in detail below, 
the server 12 is operative for receiving access requests 
from clients 14-20, assigning decryption keys or pass- 
words and transmitting an accessing program and 
selected scores to the clients 14-20 over network 21. A 
number of other functions relating to receiving payment, 
indexing and storing encoded decryption passwords 
and the like are also performed by server 12. 

For present purposes, the clients 14-20 may be 
considered as being functionally equivalent. Details of 
only one of the clients 14 are shown in Fig. 1 . Generally, 
the client 14 includes a central processing unit (CPU) 
34, an internal cache 36 and/or external cache 38, 
memory 40 and input/output (I/O) hardware 42, all inter- 
connected via data bus 44. The CPU, which may 
include any suitable microprocessor, is operative for 
downloading and running the accessing program, 
accessing memory 40 and caches 36 and 38, and com- 
municating with I/O hardware 42. In the illustrated 
embodiment, the CPU 34 also includes a built-in, inter- 
nal cache for storing the decryption key used to decrypt 
downloaded musical scores. Generally, cache 36 is an 
area of extremely fast Random Access Memory (RAM) 
for storing frequently used or time critical data so as to 
allow for faster operation. The cache 36 can be 
accessed more rapidly than memory 40. Alternatively, 
the decrypting key can be stored in an external cache 
38, which may comprise a RAM chip located on the 
computer motherboard. Memory 40, which is separate 
from caches 36 and 38, may include computer memory 
as well as the storage of floppy disks, CD-ROM drives 
and hard drives. The I/O hardware 42 can include a 
number of types of devices including a mouse, key- 
board or other user input device; a viewing monitor; a 
printer; or a MIDI device. 

Fig. 2 provides a functional overview of a music dis- 
tribution monitoring system 46 used in connection with 
the computer system 10 of Fig. 1. As shown in Fig. 2, 
the monitoring system 46 can be broken down into a 
number of functions that are executed by logic on the 
server and/or a client. The functions of the illustrated 



system 10 include: downloading (48) a music accessing 
program, in this case designated the "Music Viewer," for 
use by a client in accessing music files stored on the 
server; downloading (50) a selected musical score from 

5 the server; purchasing (52) music on-line (and thereby 
obtaining an access license and encoded decryption 
key); printing (54) and/or viewing (56) the music and 
music encryption/decryption. It will be appreciated that 
the music may also be reproduced from digital informa- 

w tion using a MIDI device or the like. Each of these func- 
tions is discussed in turn below. 

Fig. 3 illustrates the Music Viewer download func- 
tion of one implementation of the present invention. 
After communication between the server and client has 

is been established through the network, the client initi- 
ates the download function by requesting (58) the 
server to download the program. This request can be 
entered by following appropriate prompts from the 
server site. The server receives (60) the download 

20 request and sends (62) the Viewer software package to 
the client. Upon receiving (64) the software package, 
the client runs the setup code to install the Music Viewer 
software. In order to access musical scores stored in 
the server library in the illustrated system, the client is 

25 assigned a unique Viewer identification code. Accord- 
ingly, the client is prompted to request (66) a Viewer ID 
as part of the download procedure. In response to the 
ID request, the server generates (68) a Viewer ID and 
logs the ID in a Viewer database. The server then sends 

30 (70) the newly generated Viewer ID to the client and 
logs the transmission time and date, the Internet Proto- 
col (IP) address (or similar information for other net- 
works) of the client, and the client's machine name or 
type ( as entered by the client user or determined from 

35 a transmission header or the like). The client then 
receives (72) the assigned Viewer ID and a successful 
installation is thus completed. 

The system of the illustrated embodiment allows 
the client user to browse through the music library and 

40 view a selected portion, e.g., the first page, of musical 
scores prior to consummating a transaction by purchas- 
ing a music copy or paying a license fee. Fig. 4 illus- 
trates the associated pre-purchase music download 
function. The function is initiated when the client selects 

45 a score to sample and requests (74) the music from the 
server. In this regard, the score may be selected from a 
list of titles by scrolling through the library and clicking 
on a selected title, by using a search function to call a 
title, or by any other appropriate means. The Viewer ID 

50 is also sent to the server at this time. Upon receiving the 
request, the server finds (76) the requested musical 
score, compresses and encrypts (or partially encrypts) 
the score as will be described below, and stores the 
encrypted score in the download area. In addition, the 

55 server assigns and logs a decryption key that is unique 
to the client and also logs an identification code for the 
score, the download IP, and the Viewer ID for the trans- 
mission. For example, the key can be a password com- 
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posed of two 32 bit numbers where one of the numbers 
is an index to identify the client in a client database and 
the other number is random, or encoded with additional 
information as desired. By indexing the key or password 
to the client database in this manner, the password can 5 
be used to identify the client, look up license or account 
information and otherwise monitor distribution on a cli- 
ent-specific and transaction-specific basis. 

The server then sends (78) the client the Uniform 
Resource Locator (URL) address of the newly 10 
encrypted music. Upon receiving (80) the URL, the cli- 
ent can request (82) a download of the file or files con- 
taining the encrypted music. The server then finds (84) 
the encrypted music in the download area, queues up 
the music, and downloads (86) the music to the client. 15 
The client receives (88) the encrypted music and stores 
the music in memory, e.g., computer memory, hard 
drive storage, etc. At this point in the illustrated imple- 
mentation, i.e., prior to purchase, only the first page of 
the score is not encrypted. Accordingly, the client user 20 
can play and view (90) the first page of the music to ver- 
ify that the downloaded score is the score desired by the 
user and to otherwise evaluate purchasing options. 

After thus browsing through the music library and 
sampling one or more scores, the client user may 25 
decide to make an on-line music purchase, e.g., to pur- 
chase a copy of the music in sheet music form, or to pay 
a license fee to print copies, view the music in its 
entirety, play back the music on the client's I/O hard- 
ware, or otherwise use the music. Such a license may 30 
be for single use, multiple use, unlimited use during a 
license term, etc. Fig. 5 illustrates the on-line purchase 
function. The function is initiated by the client by send- 
ing (92) payment information (for example, a credit card 
account number and expiration date, or the number of a 35 
previously established, pre-paid or unpre-paid account 
with the server institution), the score ID, the download 
IP, Viewer ID and/or any other information to the server. 
Some or all of this information may have already been 
transmitted to the server in connection with browsing 40 
the music library and would not necessarily have to be 
retransmitted. The exchange of personal and financial 
information can be encrypted using standard public key 
encryption as provided, for example, in the Secure 
Sockets layer of the browser. as 

Upon receiving (94) this information, the server 
downloads the score and Viewer ID, and contacts the 
client user's financial institution or a credit card approval 
service, looks up balance information, or otherwise 
obtains authorization for the transaction. Based on the so 
results of this authorization inquiry, the server sends 
back (96) to the client either a bad payment message 
(e.g, "payment declined'), or the server sends a decryp- 
tion password and logs the password and other transac- 
tion information in its database. By operation of the ss 
Music Viewer software, the client then receives (98) the 
password and stores the password in a password data- 
base separate from the downloaded music. It will thus 



be difficult for a client user to improperly redistribute 
music because the user will generally not be aware that 
a decryption password has been stored in its system, 
nor will the user know how to access the password. In 
operation, the Music Viewer software monitors client 
messages until it receives (100) an "open file" message 
indicating that the user desires to print, playback or oth- 
erwise use the music. At this time, the Music Viewer 
locates (102) the password, which may be stored in a 
client cache for speed of operation. The Music Viewer 
can also retrieve license information relevant to the cli- 
ent's access request and, in appropriate cases, incre- 
ment the client use count under the license as 
discussed below. If the client has remaining uses under 
a license, the Music Viewer decrypts the score in mem- 
ory. It will be noted that the music is never saved in 
decrypted form, but is only decrypted just-in-time for a 
requested use, thereby discouraging improper redistri- 
bution. 

Rg. 6 illustrates a music printing function according 
to the invention. As previously noted, after downloading 
music and a password, the Music Viewer monitors client 
messages to identify access requests. When a print 
command is received (104), the Music Viewer consults 
its client database to determine (106) whether there are 
any remaining printouts allowed under the license previ- 
ously purchased by the client user. In this regard, the cli- 
ent user may have payed a single use or multi-use 
license fee. If the license has been exhausted, the client 
is notified (108) accordingly, and information may be 
provided concerning options for paying a further license 
fee. Otherwise, the Music viewer encodes (110) various 
information regarding the transaction in the user data- 
base, e.g., Viewer ID, score ID, download ID, date, time 
and number of licensed printouts used. This information 
can be encoded, for example, in a base 72 number 
string in an appropriate format, and then printed (112) 
on the copy (e.g., next to the copyright notice). Similarly, 
this same identification information can be written into a 
comment statement of a MIDI file to tag MIDI extrac- 
tions. This information allows for proper incrementing of 
a multi-use license and also allows for subsequent 
tracking of any improper redistribution of the printed 
copy. In this regard, if a printed copy of the score or MIDI 
file is found, the associated transaction and client can 
be readily decoded. 

Instead of, or in addition to printing the music, the 
on-line user may desire to view the music on a monitor. 
For example, the music may be viewed in conjunction 
with playing back the music for enhanced enjoyment, or 
the music may be displayed to facilitate selection of 
playback options involving tempo, instrumentation and 
the like. Fig. 7 illustrates the associated music viewing 
function. Upon receiving (1 14) a display command, the 
Music Viewer opens (116) the requested music file and 
determines (118) whether the file is encrypted. If the 
music is not encrypted, e.g., because it has been 
decrypted in a previous step or is public domain music, 
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the music can be directly displayed (124). However, in 
the case where the music is encrypted with the excep- 
tion of the first page for sampling, the Music Viewer pro- 
ceeds to display (1 20} the first page and disable printing 
or MIDI extraction. If the client user then attempts to dis- 5 
play the remainder of the music, the Music Viewer first 
determines (122) whether a valid and unexpired pass- 
word has been assigned to the user. If so, the music is 
decrypted and displayed (124). Otherwise, an error 
message is displayed (126). to 

Figs. 8 and 9 illustrate one implementation of the 
encryption/decryption function of the music distribution 
monitoring system. It will be appreciated that any suita- 
ble technique, including using a public key encryp- 
tion/decryption algorithm, can be employed as the base 15 
level encryption/decryption technology in accordance 
with the present invention. In addition, the base level 
encryption/decryption technology can be implemented 
in hardware and/or software logic. The following 
description illustrates one exemplary implementation. 20 
Referring first to Fig. 8, the encryption/decryption com- 
ponents are schematically shown. On the server side, 
the encryption/decryption subsystem 126 includes com- 
pression logic 128, random number generator 130 and 
exclusive OR (XOR) gate 132. The compression, which 25 
can be a conventional data compression software pro- 
gram or a data compression hardware package, 
receives the raw digital musical score and compresses 
the score for transmission. It will be appreciated that this 
compression, in addition to improving transmission 30 
speed, enhances subsequent encryption as the com- 
pressed and encrypted data will be especially difficult 
for an intercepting party to decipher. The random 
number generator 130 can include one or more conven- 
tional random number generating programs. In this 35 
regard, two such programs can be employed to handle 
the two 32 bit words of the decryption password. The 
random number generator 130 implements an algorithm 
for generating a determined series of values starting 
from an initial seed. In the illustrated embodiment, the 40 
assigned password is provided to the generator 130 as 
a seed. Hie generator 130 also receives an input from 
the compressed data stream line that triggers the gen- 
erator 130 such that the generator 130 outputs a bit 
stream equal in length to and coordinated with the com- 45 
pressed data stream. The generator output and com- 
pressed data stream are used as the two inputs into the 
XOR gate 132 which performs its characteristic disjunc- 
tive comparator function. The output from XOR gate 
1 32 is transmitted over the network to the client. so 

On the client side, the subsystem 1 26 includes a cli- 
ent-side random number generator 134 and client-side 
XOR gate 136, each identical to its server-side counter- 
part. The subsystem 126 further includes decompres- 
sion logic 138 that is the logical complement of ss 
compression logic 128. The random number generator 
134 uses the password as a seed, and generates a bit 
stream of length determined by an input from the 



encrypted data stream. It will thus be appreciated that 
the output bit stream from generator 1 34 will be identical 
to that of generator 132, this output, and the encrypted 
data stream, serve as the two inputs into XOR gate 136. 
The successive operation of the XOR gates 132 and 
136 yield an output from XOR gate 136 that is identical 
to the output from compression logic 128, i.e., a com- 
pressed digital music score. This compressed score is 
decompressed by decompression logic 138 to yield the 
digital score in uncompressed, decrypted form. It 
should be noted that the musical score is decrypted as 
part of the music output process, not prior to saving the 
score. Additionally the encryption/decryption process 
can be successively performed on page-sized chunks in 
the case of printing, or on appropriately-sized portions 
of an audio output (e.g. P two seconds of the score), in 
order to allow for display/play-back on an as-ready 
basis. 

The encryption/decryption process is summarized 
in the flow chart of Fig. 9. The process is initiated, on the 
server side, by receiving (140), or calling from memory, 
a digital representation of the musical score. The digital 
representation is then, in sequence, compressed (142), 
encrypted (144) and transmitted (146) across the net- 
work to the client. On the client side, the signal is first 
decrypted (148) to obtain a compressed digital repre- 
sentation, and then decompressed (150) to obtain the 
digital score. The score can then be output (152) as 
desired by the client user. 

The following prophetic example illustrates the 
overall operation of the music distribution monitoring 
system of the present invention. A client accesses the 
music distribution server at its World Wide Web site 
using, for example, the Microsoft Internet Explorer 3.0 
browser. From the server home page, the user first 
selects the option for downloading the Music Viewer 
program. After selecting this option, the user follows the 
prompts or instructions to install the software and, in the 
process, enters various requested identification data. 
The user may then return to the home page and select 
the music library option to browse the available selec- 
tions. The user can then scroll through the available 
selections to identify a score of interest, for example, 
"Mozart's Sonata Number 1." In order to verify that this 
is the piece that the user has in mind, the user may 
download the score for sampling. The Music Viewer 
software stores the partially encrypted digital score and 
will allow the first page of the score (which is transmitted 
in unencrypted form) to be displayed on the client mon- 
itor and played back. 

After one or more scores are thus sampled, the 
user may decide that he desires to print, view or other- 
wise use a digital score and that he therefore desires to 
purchase a copy of or pay a license fee for the score. 
The user can then select a purchase function and a 
menu of purchase options will be provided, e.g.. single 
print license multi-print license, unlimited viewing 
license for a given license term, etc. The user selects 
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the desired option, responds to a series of prompts con- 
cerning identification information and payment informa- 
tion, e.g., by entering a credit card number and personal 
information. If payment is approved, the user will be 
assigned a decryption password that is indexed to the 
client's identifying information in a client database held 
by the server. By way of example, the client may pay a 
license fee for ten printouts. In the same or subsequent 
sessions, the client can request a printout under the 
license. The system will keep track of the number of 
printouts used and allow printing only so long as the 
license is unexhausted. Whenever the user prints out a 
copy of the score, an encoded string of characters is 
printed next to the copyright notice. 

An unscrupulous user may attempt to redistribute 
the music with disregard for the server/copyright 
holder's rights. Having the downloaded music file on his 
system, the user may attempt to redistribute the music 
electronically. However, having thus attempted to 
wrongfully redistribute the music, the user will discover 
that the redistributed information cannot be used 
because it is encrypted. Such a user may attempt to 
break the encryption code and may even ultimately sur- 
mise that a key has been stored in the client's memory 
somewhere separate from the music file. In the unlikely 
event that the user should succeed in redistributing the 
music together with the password in useable form, the 
infringing user will have unwittingly left a record of his 
infringing activity in the form of the personal information 
that can be derived from the client/transaction encoded 
password. Similarly, redistribution of printed copies or 
MIDI files will provide a record due to the coded charac- 
ter string included with the copyright notice or in com- 
ment statements. In any event, the coded information 
facilitates enforcement and thus discourages infringe- 
ment. 

While various embodiments and applications of the 
present invention have been described in detail, it is 
apparent that further modifications and adaptations of 
the invention will occur to those skilled in the art. How- 
ever, it is to be expressly understood that such modifica- 
tions and adaptations are within the spirit and scope of 
the present invention. 

Claims 

1 . A method for use in monitoring distribution of infor- 
mation accessible through a public network said 
information included in a database at a server of 
said public network, comprising the steps of: 

encrypting at least a first portion of said infor- 
mation using a key-based encryption system, 
said key-based encryption system requiring 
entry of a key to decrypt said encrypted infor- 
mation; 

in connection with a request by a network cli- 
ent, assigning a first client-specific key to said 



client for decrypting said encrypted informa- 
tion, said first client-specific key including at 
least a first identifier useful for identifying said 
client; and 

5 transmitting said first client-specific key to said 

client, wherein said key can be used to monitor 
distribution of said information on a client-spe- 
cific basis. 

w 2. A method as set forth in claim 1 wherein said infor- 
mation comprises a digital musical score and said 
step of encrypting at least a portion of said informa- 
tion comprises retaining a second portion of said 
digital musical score in an unencrypted form so as 

75 to allow for sampling of said digital musical score 
prior to decryption. 

3. A method as set forth in claim 1 wherein said step 
of assigning said first client-specific key comprises 

20 acquiring identification information regarding said 
client and encoding said identifier with respect to 
said acquired identification information. 

4. A method as set forth in claim 3 wherein said iden- 
25 trfier comprises a password that is indexed to a cli- 
ent database including said identification 
information. 

5. A method as set forth in claim 3 wherein said iden- 
30 trfier includes information for identifying client 

equipment. 

6. A method as set forth in claim 3 wherein said iden- 
tifier includes information for identifying a client 

35 user. 

7. A method as set forth in claim 1 , further comprising 
the step of transmitting said encrypted information 
to said client prior to said step of transmitting said 

40 first client-specific key. 

8. A method as set forth in claim 1 , further comprising 
the step of transmitting accessing software to a cli- 
ent, said accessing software being operative for 

45 allowing said client to access said information in 
said database. 

9. A method as set forth in claim 8, further comprising 
the step of employing said accessing software to 

so print a copy of said information. 

10. A method as set forth in claim 8 wherein said infor- 
mation comprises a digital representation of a musi- 
cal score, and said method further comprises the 

55 step of employing said accessing software to play 
back said musical score. 

1 1 . A method as set forth in claim 8, farther comprising 
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the step of displaying said information. 

12. A method as set forth in claim 1 wherein said step 
of assigning said first client-specific key is con- 
ducted in response to receiving said request by s 
said client. 

13. A method as set forth in claim 1, further comprising 
the steps of storing said information in a first area of 
memory and storing said first key in a second area 10 
of memory separate from said first area, wherein 
said information and said first key can be separately 
accessed. 

14. A method as set forth in claim 1 , further comprising is 
the steps of storing said information in a client 
memory in encrypted form, receiving a request to 
output said information, and decrypting said 
encrypted information in response to said output 
request. 20 

15. A method as set forth in claim 1, further comprising 
the steps of receiving an access request from a 
second network client requesting access to said 
information and assigning a second client-specific 25 
key, different from said first client-specific key, to 
said second client for decrypting said encrypted 
information. 

1 6. A method as set forth in claim 1 , further comprising 30 
the step of using said first client-specific key to track 
subsequent redistribution of said information. 

17. A method as set forth in claim 1, further comprising 
the steps of outputting an output copy of said infor- 35 
mation and embedding identification information in 
said output copy, wherein said identification infor- 
mation facilitates tracking of redistribution of said 
information. 

40 

18. A computer system for use in monitoring distribu- 
tion of protected information accessible through a 
public network, comprising: 

a first area of memory tor storing a database 45 
including said protected information; 
a controller operative for receiving an access 
request from a network client requesting 
access to said protected information, obtaining 
identification information useful for identifying a so 
source, and assigning a decryption key using 
said identification information; and 
encryption logic for encrypting said protected 
information based on said decryption key 
wherein said decryption key is useful for ss 
decrypting said encrypted protected informa- 
tion. 



19. A computer system as set forth in claim 18, further 
comprising a second area of memory for storing 
said identification information, wherein said identifi- 
cation information is indexed to said decryption key. 

20. A system as set forth in claim 1 8 or 1 9 wherein said 
controller is further operative for receiving payment 
information from a client, wherein said decryption 
key is assigned in response to receiving said pay- 
ment information. 

21 . A system as set forth in claim 18,19, or 20 wherein 
said protected information comprises a digital musi- 
cal score and said encryption logic is operative for 
partially encrypting said score. 

22. A system as set forth in claim 18, 19, 20, or 21 
wherein the source is said network client. 



40 



45 



50 



15 



8 



EP 0 843 449 A2 



SYSTEM OVERVIEW 



DOWNLOAD 
"MUSIC VIEWER" 
ACCESSING 
PROGRAM 

48 



DOWNLOAD 
MUSICAL SCORE 

50 



PURCHASE 
MUSIC ONLINE 

52 



PRINT MUSIC 
54 



VIEW MUSIC 
56 



FIG. 2 

10 



EP0 843 449 A2 

MUSIC VIEWER DOWNLOAD 



CLIENT 



REQUEST 

VIEWER 

DOWNLOAD 



58 



SERVER 



RECEIVE 
VIEWER 
DOWNLOAD 
REQUEST 



60 



RECEIVE 
VIEWER, RUN 
SETUP TO 
INSTALL 64 



SEND VIEWER 
TO CLIENT 62 



REQUEST 
VIEWER ID 
FROM 

SERVER 66 



GENERATE NEW 
VIEWER ID AND 
LOG IN 



DATABASE 



68 



RECEIVE VIEWER 
ID ON USER 
MACHINE, 
SUCCESSFUL 
INSTALLATION 



72 



THE INTERNET OR 
ANY PUBLIC 
NETWORK 




SEND NEWLY 
GENERATED 
VIEWER ID TO 
CLIENT, LOG TIME, 
DATE, IP ADDRESS 
AND MACHINE NAME 
OF CLIENT IN 
DATABASE 7Q 



FIG. 3 



11 



EP0 843449 A2 



MUSIC DOWNLOAD 



CLIENT 



REQUEST MUSIC 
(SENDS VIEWER 
ID ALSO) 74 



RECEIVE 
ADDRESS (URL) 
OF NEWLY 
ENCRYPTED 
MUSIC 80 



REQUEST 
DOWNLOAD OF 
ENCRYPTED 
MUSIC 82 



RECEIVE 
ENCRYPTED 
MUSIC IN 
MEMORY 88 



PLAY AND VIEW 
THE FIRST PAGE 

OF THE MUSIC 
90 



THE INTERNET OR 
ANY PUBLIC 
NETWORK 




SERVER 



FIND MUSIC, 
ENCRYPT IT, 
COMPRESS IT, 
STORE IN 
DOWNLOAD AREA, 
LOG PASSWORD, 
SCORE ID, 
DOWNLOAD IP AND 
VIEWER ID 76 



SEND ADDRESS 
(URL) OF NEWLY 
ENCRYPTED 
MUSIC 78 



FIND NEWLY 
ENCRYPTED 
MUSIC IN 
DOWNLOAD 
AREA AND 
QUEUE UP 
DOWNLOAD 



84 



SEND (DOWNLOAD) 
ENCRYPTED MUSIC 
TO CLIENT 86 



FIG. 4 



12 



EP0 843 449 A2 




13 



EP0843449A2 

PRINTING MUSIC 



( START j 



1 


r 


RECEIVE PRINT 
COMMAND 104 



ARE THERE ANY 
REMAINING PRINTOUTS 
.UNDER LICENSE?. 



106 



Yes 



ENCODE VIEWER ID, 
SCORE ID, DOWNLOAD 
ID, DATE, TIME, 
NUMBER OF LICENSED 
PRINTOUTS USED 110 



-NO- 



NOTIFY CLIENT 
THAT LICENSE IS 
EXHAUSTED, NEW 
LICENSE MAY BE 
OBTAINED 108 



PRINT ENCODED 
INFORMATION 



112 



( END ) 



FIG. 6 



14 



EP0 843449 A2 



-NO- 



DISPLAY 
MESSAGE 



ERROR 
126 



VIEWING MUSIC 
(start) 



1 


r 


receive display 

COMMAND 114 




f 


OPEN ML 


SIC FILE 
116 








YES 



DISPLAY FIRST PAGE, 
DISABLE PRINTING AND 
MIDI EXTRACTION 120 




YES 



DISPLAY MUSIC 

124 



FIG. 7 



15 



EP0843449 A2 




00 

g 

u. 



16 



EPO 843449 A2 



ENCRYPTION/DECRYPTION 

(start) 



RECEIVE DIGITAL 
REPRESENTATION OF 
MUSICAL SCORE 140 



COMPRESS DIGITAL 
REPRESENTATION 142 



ENCRYPT COMPRESSED 
DIGITAL REPRESENTATION 144 



TRANSMI' 
ENCRYPTED 
INFORMATION 146 



DECRYPT INFORMATION 
TO OBTAIN 

COMPRESSED DIGITAL 
REPRESENTATION 148 



DECOMPRESS TO 
OBTAIN DIGITAL 
REPRESENTATION 150 



OUTPUT DIGITAL 
REPRESENTATION 



152 



QNCT) 

FIG. 9 



17 




Europaisches Paten tarn t 
European Patent Office 
Office europeen des brevets 



(12) 
(88) 



(43) Date of publication A2: 

20.05.1998 Bulletin 1998/21 

(21) Application number: 97119539.1 

(22) Date of filing: 07.11.1997 



(84) Designated Contracting States: 

AT BE CH DE DK ES Ft FR GB GR IE IT LI LU MC 
NLPTSE 

Designated Extension States: 
AL LT LV MK RO SI 

(30) Priority: 08.11.1996 US 744430 

(71) Applicant: Sunhawk Corporation, Inc. 
Seattle, Washington 98112 (US) 



NllllRIIDIinilUIIll 

(id EP 0 843 449 A3 



(72) Inventors: 

• Eller, Marlin J. 

Seattle, Washington 98112 (US) 

• Mills, Brent R. 

Seattle, Washington 98115 (US) 

(74) Representative: GrOnecker, Kinkeldey, 

Stockmalr & SchwanhSusser Anwaltssozletat 
Maximilianstrasse 58 
80538 Miinchen (DE) 



EUROPEAN PATENT APPLICATION 

Date of publication A3: (51) Int CI. 7 : H04L 29/06 

03.03.2004 Bulletin 2004/10 



(54) Encryption system with transaction coded decryption key 



(57) The encryption secured computer system (10) 
includes a server (12) that communicates with clients 
(1 4-20) across a public network (21 ) using a novel trans- 
action coded decryption key technology that discourag- 
es wrongful redistribution of protected information such 
as digital musical scores, and allows for tracking of in- 
fringing activity. In one implementation, the server (12) 
distributes access software and partially encrypted mu- 
sical scores to clients upon request. A client can sample 



the partially encrypted scores prior to consummating a 
transaction. When a score is selected, the client enters 
payment information and is assigned a password that is 
specific to the client and transaction. The password 
functions as a decryption key to enable use of the mu- 
sical score by the client employing the access software. 
Any subsequent wrongful redistribution of the musical 
score together with the decryption password can be 
traced due to client identifying information encoded into 
the password. 



SERVER 



CO 
< 

CO 

oo 
o 

Ql 
111 



PROCESSOR 



MEMORY 




CLIENT 1 



CPU RUNNIMG 
ACCESS 
SOFTWARE 



CACHE 
STORING 
DECRYPTION 
KEY 



I 



EXTERNAL 
CACHE 



7? 







42- 




MEMORY 




I/O 



CLIENT 2 



CLIENT 3 



-16 
^18 



FIG. 1 



CLIENT n 



Printed by Jouve, 75001 PARIS (FR) 



EP 0 843 449 A3 



European Patent 
Office 



EUROPEAN SEARCH REPORT 



Application Number 

EP 97 11 9539 



DOCUMENTS CONSIDERED TO BE RELEVANT 



Category 



Citation of document with indication, wher© appropriate, 
of relevant passages 



Relevant 
to claim 



CLASSIFICATION OF THE 
APPLICATION (lnt.CI.6) 



CHOUDHURY A K ET AL: "COPYRIGHT 
PROTECTION FOR ELECTRONIC PUBLISHING OVER 
COMPUTER NETWORKS" 

1 May 1995 (1995-05-01) , IEEE NETWORK, 
IEEE INC. NEW YORK, US, VOL. 9, NR. 3, 
PAGE(S) 12-20 XP00O5O5280 
ISSN: 0890-8044 

* page 12, column 1, line 26 - page 14, 
column 2, line 35 * 

* page 15, column 1, line 15 - page 17, 



1-15, 
18-22 



H04L29/06 
G06F1/00 
G06F21/00 
G07F17/16 



column 2, line 46 
* page 17, column 1, line 31 
line 37 * 



column 2, 



EP 0 715 247 A (XEROX CORP) 

5 June 1996 (1996-06-05) 

* page 2, line 29 - page 7, line 22 



16,17 



16,17 



TECHNICAL FIELDS 
SEARCHED (lnLCI.6) 



H04L 
G06F 
G07F 



The present search report has been drawn up for alt claims 



Place ol Boarch 

THE HAGUE 



Data ot complstion of the search 

14 January 2004 



Examintr 

Gavriliu, B-A 



CATEGORY OF CITED DOCUMENTS 

X : particularly relevant if taken oiono 

Y : particularly relevant it combined with another 

document of the same category 
A : technological background 
O : non-written disclosure 
P : intermediate document 



T : theory or principle underlying the Invention 
E : earlier patent document, but published on, or 

after the filing date 
D : document dted m the application 
L : document cited for other reasons 

& : member of the same patent family, corresponding 
document 



2 



EP 0 843 449 A3 



ANNEX TO THE EUROPEAN SEARCH REPORT 
ON EUROPEAN PATENT APPLICATION NO. 



EP 97 11 9539 



This annex lists the patent family members relating to the patent documents cited in the above-mentioned European search report 
The members are as contained in the European Patent Office EDP file on 

The European Patent Office is in no way liable for these particulars which are merely given for the purpose of information. 

14-01-2004 



Patent document 
cited in search report 



Publication 
date 



Patent family 
member(s) 



Publication 
date 



DE 


o95c99o3 


rti 




0E 


69529963 


TO 

TZ 


ll-fcjy-cutli 


EP 


1276G35 


A2 


15-01-2003 


EP 


1276036 


AO 

A2 


15-01-2003 


EP 


1293860 


A2 


ift ft"3 onft^ 

19-03-2003 


EP 


1293861 


AO 

A2 


19-03-2003 


EP 


1293862 


AO 

A2 


1ft ft2 OAftO 

19-03-2003 


EP 


1293863 


AO 

AZ 


1ft ftO OftftO 

19-03-2003 


co 

EP 


1293864 


AZ 


X9-Uo-£t»03 


EP 


1 Oil QAOO 


AO 


Ul-lO-cWOo 


EP 


1349049 


A2 


Gl-10-2003 


EP 


1349641 


A2 


01-10-2003 


EP 


1349642 


A2 


01-10-2003 


EP 


1349644 


A2 


01-10-2003 


EP 


1349845 


A2 


01-10-2003 


EP 


0715247 


Al 


05-06-1996 


JP 


8263438 


A 


11-10-1996 


US 


2602128856 


Al 


12-09-2002 


US 


2602128972 


Al 


12-09-2002 


US 


2602133465 


Al 


19-09-2002 


US 


2603023561 


Al 


30-01-2003 


US 


2603225698 


Al 


04-12-2003 


US 


2003225699 


Al 


04-12-2003 


US 


2003115144 


Al 


19-06-2003 


US 


2003167236 


Al 


04-G9-20O3 


US 


2003208447 


Al 


06-11-2003 


US 


2003217010 


Al 


20-11-2003 


US 


2001023417 


Al 


20-09-20O1 


US 


2001010045 


Al 


26-07-2001 


US 


2001014882 


Al 


16-08-2001 


US 


2003069849 


Al 


10-94-2003 


US 


6236971 


Bl 


22-05-2001 



EP 0715247 



05-06-1996 



8 



ui For more details about this annex : see Official Journal of the European Patent Office, No. 12/82 



3 



